Here are the selected submissions grouped in one post. Read through them and place your votes in the newsletter poll.
I would have to say that loosing my laptop would be my worst nightmare and I definitely can sympathize with you Dave. My entire life is on my computer. I have word documents that have all my personal information. A thief would potentially have access to all my credit card numbers, account numbers, passwords, financial data, address books, phone numbers, email and even my lifes history on a resume. The data my laptop contains is far more valuable than the price of the laptop itself and I shutter at the thought of someone not having a backup of their data at home. I think for the most part all hotels claim that they are not responsible for lost or stolen items and that all valuables should be stored in the hotel safe. But, I would continue to pursue the hotel and I would make sure you have filed a police report. You could also check your homeowners insurance policy to see if you might be covered for the loss there. You always have the right to sue the hotel, but good luck with that. How do you prove you even had a laptop with you? In the end, it is pretty much your word against theirs.
So, how do you prevent this from happening in the future or at least reduce the devastating results of the loss.
AVOIDING THEFT The best course of action is to reduce the likelihood of having your laptop stolen in the first place. Nothing can stop a professional who is determined to steal your computer but the majority of thefts can be foiled with some simple steps.
1. Do not use a notebook bag. Storing you computer in a standard notebook bag is like hanging a steal me sign on your computer. Carry you computer in a standard briefcase or other less obvious bag or backpack.
2. Never leave your site Whenever possible, always keep your bag that has your computer with you. Do not give it to bellman. Do not check it with your luggage. Always carry it yourself.
3. Never leave your computer or computer case out in plain site when leaving your hotel room. Pack the computer away and place it in a drawer or inside another piece of luggage. A computer in clear site is just too tempting for some.
4. Notebook Locks and Alarms If you must leave your computer setup in your hotel room then use a notebook lock and alarm. There are some nice locks that have a built-in alarm that will sound when someone moves or tries to cut the cable. This will not guaranty the safety of your laptop but can definitely deter the casual thief from simply up and walking away with it.
LESSEN THE EFFECTS OF THE LOSS There are three categories of loss
1. Monetary Loss This is the loss of the actual dollar value of the laptop computer. I personally do not travel with my most expensive notebook. I keep that one at home and use one of my older models to travel with.
2. Data Loss Never leave home without BACKING UP your computer. If you always backup your data, at least you will never have to worry about not having your documents, emails or other data.
3. Losing your Data to someone else So that leaves the problem of now someone else has your data. Think about what you have on your computer. Would you want some stranger to have it all? Is there anything on your computer that could be used by someone else? Could they steal your identity? Your accounts? Your Passwords? The obvious way to prevent your most personal data from getting into the hands of someone else is to NOT store it on your computer in the first place. But for me that is not practical, the whole reason I have a computer is to have easy access to all my information. The other way to prevent or certainly make it more difficult for someone to get your data is to encrypt and password protect your whole computer and or a least the important files.
SECURE YOUR PC - Passwords There are many types of passwords and some are not very secure. Do not rely on your Windows logon password to protect you from much of anything. Someone can easily access your data by simply removing your hard drive and reading it on another computer. I many cases all a thief has to do is boot into safe mode and log in as the administrator, which most users forget and leave the password as blank, and then they can remove your account password.
1. Windows User Password This is your standard Windows logon password. This will prevent the casual walker by from looking at your computer while you are away from your desk. But as I mentioned above, it does not do much good if someone has stolen your computer.
2. System Password This password is set at the Bios level of the computer and would make it more difficult to get into your computer.
3. Hard Drive Password Some computers had the ability to set a password for the hard drive in the Bios and would make it much more difficult to read the data off the drive, even if it is removed from the computer.
4. Individual File Passwords You can assign a password to individual documents and spreadsheets to prevent someone from accessing those files. I would certainly password protect any sensitive files. Again if someone really wants your data and has the time, there is always a way to get in.
5. File Encryption There are many 3rd party programs that you can purchase that will encrypt your files. Or you can use the built-in encryption that comes with business versions of Windows such as Windows XP Pro and Vista Ultimate.
SO WHAT DO I DO
1. Always purchase computers with business class operating systems such as Windows XP PRO or Vista Ultimate and use the built-in file encryption.
2. Set a system password for the computer and make sure the Administrators password is set.
3. Password protect individual files that have critical data such as that word document that has all your credit card account numbers.
4. Backup your computer before you go on a trip.
5. Hardly ever let that computer out of your site.
6. Always hide your laptop away when you leave your hotel room.
NOTE: There is a down side to all this security. As you add various levels of security such as encryption and passwords, you also make it much more difficult or even impossible to recover data from your computer should something go wrong with it. It can also be a major problem if you lose or are not good at remembering password.
Good Luck and please update us as to the outcome with the hotel.
Submitted by waytron
First point: Yes, you most likely have a real identity theft concern any time any computer is stolen (also, by the way, any time you dispose of a comptuer without wiping the hard drive first ... and erasing files and even repartitioning / reformatting the hard drive isn't enough. The data must be overwritten).
It's likely that files on your hard drive have your date of birth, social security number, userIDs and passwords (for various things), and credit card numbers. If you use Quicken, TurboTax or any other financial software, or if you keep personal records on your PC, there is a LOT more information present.
The good news: Most thiefs are only interested in the hardware. But the risk is still there and very, very real.
How can you prevent this? Several ways, some more practical than others:
-Don't keep anything sensitive on the laptop (not very practical)
-Password protect the laptop itself (hardware password) and Windows logon, also as many files as you can. Practical and easy, but frankly not very effective. Almost all of these can be beaten.
-Encrypt the data: Both the ease of doing this and the effectiveness varies greatly from data type to data type. The most secure way is with "Bitlocker", a new Vista feature. Unfortunately, it's not even present in EITHER of the "Home" versions of Vista. Further, with secure encryption (even NTFS' EFS) the risk of having a problem that locks you out of your own data is very substantial.
A hard drive password, if your computer supports this (some do, some don't) is VERY effective ... without the proper password, the hard drive cannot be accessed (even if it's taken out and put on another computer). The philosophy here is that the data is more important than the hard drive itself and will be protected at all cost even if as a consequence the hard drive is effectively destroyed. Hard drive passwords are implemented entirely within the hard drive and there is no easy way around them (even gross things like getting a board from another identical but "unlocked" hard drive won't work). But, again, there is a risk of being locked out of your own data.
It goes without saying that if you have adequate backups, the loss of data isn't a big concern, rather the concern is having the data fall into the wrong hands. Of course if you have no backups then you have two problems: The wrong person may have the data, and you yourself don't.
Normally, state laws (in almost every state) limit the liability of hotels to a fixed and relatively small amount (which also means you cannot sue for more). Basically you are probably totally out of luck. Theft from hotel rooms is common, "wise" people are supposed to know this and act accordingly. When I'm traveling with a laptop, I always try one other means to prevent theft .... HIDE it. Often, hotel rooms have a windows along most of one wall with floor-length drapes, I put the laptop case behind the drapes. I also have a "Good" laptop and a "beater" laptop (a model 3-4 years old that is not worth all that much, less than $200)), and unless there is a good reason for it, I travel only with the "beater" laptop.
Your homeowners insurance MAY cover you on the cost of the laptops. Often, however, the loss of the data (both the fact that the wrong people may have it and you don't) is the FAR greater issue.
Submitted by Watzman
Reporting & Damage Control, Recovery, Preventative Measures
Hey Dave, You should be concerned. If I were you, here's what I'd do in three stages. The first two stages should be happening now and pretty close to simultaneously until complete. Part I is Reporting and Damage Control, Part II is Recovery, and Part III is Future Preventative Measures to avoid a similar situation.
Part I: Reporting and Damage Control
1) Obtain a copy of the police report associated with the theft.
2) Contact the major credit bureaus. For you AND your wife, have them place a fraud alert on your credit reports for your SSAN and hers (initial fraud alert is good for 90 days and extendable up to 7 years), tell them you want a copy of your credit report (and ask them to ensure only the last four digits of your SSAN are shown on these reports), and get and additional information or advice they can give you: Equifax 1-800-525-6285; Trans Union 1-800-680-7289 or Experian 1-888-397-3742.
3) Contact you credit card companies and tell them what happened; they should refer you to their anti-fraud department or some department with a similar name. They should offer to transfer your balance to a new card number and send you new cards. If fraudulent purchases have already been made, ask them how you go about disputing the fraudulent charges.
4) If new, fraudulent accounts have been opened, report it to the local police where the account was opened and to the FTC (see step 9 below). Obtain an ID Theft Report from the local police and/or the FTC. While waiting for the latter report, contact the company with whom the account was opened. Tell them it is a fraudulent account and a case of ID Theft and a formal report will be forthcoming, and ask the company to explain to you how to go about disputing any charges.
5) Contact your bank and other financial/investment institutions. They should offer to change your accounts, also.
6) Do the same for any and all accounts you have that could be compromised: eBay, PayPal, BidPay, whatever.
7) Do the same for mortgages or car loans or personal loans you have.
8) Contact the police where you live and let them know what has happened, especially if you feel your safety is in question (most likely it is not, but still do it).
9) Report what happened to the FTC's ID Theft Hotline-1-877-438-4338 and ask them for any help they can provide
10) Notify the Social Security Adminsitration, 1-800-772-1213. Let them know what happened. Get it on the record. In some instances, if fradulent use of you number occurs, you can get a new number.
11) Now either take the money you have out of savings or borrow money in order to pay off all outstanding credit that you can; then close the accounts. Close the accounts means when you pay the balance off, tell the creditor you want the account closed.
Part II: Recovery
12) Report the theft to your household goods/homeowner insurance carrier. Many policies cover personal items stolen while traveling and some even offer coverage so you can have your locks changed at home, the cost of new drivers license if that number is compromised and must be changed, and more.
13) If your insurance company says you're not covered, or if you do not have coverage, get a lawyer to look at your policy and to explain the laws in Virginia regarding hotel liability in a situation such as this.
14) Open new accounts as required, since you closed all the old ones. Whenever possible, open the accounts such as MasterCard, Visa, whatever, with entirely new companies; that is, different companies from your previous accounts.
Part III: Future Preventative Measures
15) Subscribe to a credit monitoring service that monitors your credit and immediately reports significant changes in same; i.e., large purchases, unauthorized purchases, etc.
16) Do not store any personal information on your travel computer's hard drive. If you need personal information when you travel, keep it on a flash drive. After you use your computer on-line when traveling, run a sweeper and washer to clean all traces of your surfing off the laptop.
17) Back up your laptop's hard drive at home on an external hard drive so you don't loose what's on your hard drive should this ever happen again.
Finally, vote for politicians who support the death penalty for ID Theft -- just kidding ;>)
Submitted by: Eradikator
lock up your valuables; don't take 'irreplaceable' on trips
I tend to think the risk of identity theft is overstated.
As a general rule, criminals steal items that can be readily converted into *cash*. They're stealing your gear to sell it to someone, not to use the data that is on it. Is the end-buyer interested in what's on it? Maybe not. Maybe he/she is just interested paying $400 on a street corner for a laptop rather than $1,500 in a store (yes, buyers of this stuff have no conscience). But there are a few steps you should take anyway to watch out for 'bad things' that can happen to you just from using credit cards in stores and the like, as well as having your equipment stolen.
You can put alerts on your credit reports and on any other financial accounts detailed on your laptop by contacting your financial institutions. Google "ftc identity theft" for a government website on what to do in detail.
Obviously you're going to want to cancel and reissue your credit cards if the account numbers are on the laptop (in software configurations or in PDFs of bank statements).
Note that the credit card numbers are also something that can be readily converted into *cash*. Stealing a credit card or a credit card account number is not "identity theft", it's just plain theft. Using card numbers, account numbers, personal identifying info (date of birth, social security number, home address, mother's maiden nme, etc) to open up *new* accounts is identity theft. The more common problem is called "account takeover", where a thief directs your financial instituion to change the address on the account to his, not yours, to reissue credentials (atm card, social security, drivers license, passport, etc) for that account holder to the new address, and then uses the resources in that account to his own ends (opening other accounts in your name, using the securities in your online brokerage account to trade and drive up the price of securities the thief holds in another, legitimate, account already, and other 'indirect' means of converting your assets into cash, or leveraging your assets to increase the value of something he can turn into cash on his own without drawing attention to himself.
Protecting yourself in future: The hard reality is if I have the physical hard drive, and I'm determined, there's little you can do to defend against me with easy to use commercial tools. Windows has an encrypted filesystem feature, but there are (as there are with all such products) tools available over time that attack weaknesses in the storage of the 'keys' for that encrypted hard drive.
Manufacturers are starting to put hardware encryption actually into the hard drive mechanisms so an attacker would have no choice but to reinstall the operating system if he couldn't provide the right passphrase, but if you pick weak passwords, or write them on post-it notes taped to your laptop, then you're wasting your time if you think you are gaining something from any security tool.
New laptops include fingerprint scanners to make it easier to 'open' up stores of other credentials, and I think those are the beginnings of good user friendly technology. Because they are not foolproof, however, there are still alternate methods to get the data, ie a static password to log in to windows in case you get the sensor all cruddy or if your fingers get so dirty/greasy/unreadable that you cannot successfully log in thru the scanner. But I think the technology is promising (the gummy bear nonsense aside) in that it's easy to use, and it puts security into something that you're a) not likely to forget (you dont leave your fingers at home by forgetting to bring them with you) and that b) you couldn't readily make usable by other people by leaving them with the laptop (unlike passwords-on-post-it-notes). That said, the fingerprint is just a shortcut for *that* laptop to open up all your other passwords. If your data/applications use passwords you've GOT to take responsibility for choosing hard-to-guess ones that are easy to remember. There's tons of info on this around the web. Google 'choosing good passwords' and I'm sure you'll have reading for months.
I'm going to assume both laptops, at the very LEAST, are configured to require you to provide a username and password on startup. This is optional in many variants of Windows and MacOS, but it's the barest minimum any conscientious person should do to protect their data. If, after reading Dave's story, still think "hey, it's my laptop, not the company's, why should I make it hard for me to get at my stuff?", then you are Dave the night before this event happened, and you won't wake up until you're robbed like Dave was.
To protect data stored on the local drive hardware you could use something like PGPDisk to create another lettered drive (D:, E:, etc) which requires a passphrase to mount it (ie more than just logging in to Windows), and store all your data there (I say 'all' rather than 'all sensitive' because humans are creatures of habit, and you're more likely to *forget* to move something to that encrypted virtual hard drive if you only use it for 'some' items. But you've got to choose a *strong* (ie long and complex) passphrase for it to be useful. You want to make it harder for a thief to get the data, more work, more digging around - something you did *not* do by carrying your equipment in laptop bags (see more later on this). Again, that passphrase might be stored locally, depending on the product you use to create the encrypted virtual disk, but it's better than nothing. A purpose-built security tool like PGPDisk might be more likely to take strong countermeasures against a physical attack than a security 'feature' of an operating system like WIndows or MacOS (because PGPDisk's sole function is to provide security, its developers are focused on it - the OS developers have *lots* of competing design criteria on their plate beside 'security' when building the operating system).
Another glaringly obvious alternative if you're serious about preserving the stuff you *don't* need to travel with is: Don't Travel With It. Keep your long-lived items on an external drive at home. You wouldn't carry your photo album, college diploma, birth certificate, deed to your home, title to your car, etc, with you everywhere you go, so why carry your financial accounts, photographs, etc. in electronic format, particularly if it's your *only copy*.
Liability of the hotel: Nope. This one's your fault. They disclaim any and all liability for valuables left in the room, and they say so on their website and on the terms and conditions sheet you sign/initial when you check in, as well as on the signs on the back of the door.
If there's a safe in the room, you should have used it. If you insist on keeping valuables in your room (which, face it, we all do because it's 'easier' than using the hotel safe or lockboxes behind the front desk), they should have not been in any obvious container (camera bag, laptop bag, etc), and the bag they're in should have been locked.
Your goal is to raise the degree of difficulty for the thief. Theives steal because it's easier than working for a living. The more like 'work' you make it, the less likely you are to be a victim.
Laptop bags are like carrying around a 'hey, steal this bag' sign. Don't use them. You made targeting you *trivially easy* for the thief. I'd bet they didn't watch every room, but that they heard you say the room number aloud in the lobby or in the elevator while you were loaded down with very obvious "hey, computers are in here" luggage. They didn't try every room on your floor and leave all those doors open. They went to yours because they knew there was gear there. Worst case: hotel staff colluded with them to provide targeting information (I sound cynical, eh?).
Hope this helps and serves as something other than a complete "serves you right."
Submitted by jposhea3
Dave, regarding the actual theft of the laptop I recommend you research what amount of liability the hotel covers. Also, check with an attorney to see if you have any recourse as most hotels have a liability limit.
Regarding what may occur with the stolen machines is listed below:
1) The thief can sell the machines on the street for instant cash
2) A good hacker can possibly log onto your machine and gain access to all the information on the machine. If this is done and you have records of your credit cards, etc. this can be a nightmare.
Some useful tips:
1) Never let the PC leave your sight which is easier said then done but could prove to be a lifesaver if traveling. Airports, car rental agencies, etc. are a few places where a laptop can walk in a hurry.
2) Hotel rooms are a prime place for theft to occur. An example is the maid is cleaning the room and an individual walks in saying is is their room, grabs a laptop or anything else, tips the maid and is gone.
3) Lock the PC in the hotel safe in your room, if provided. This may seem like a good thing to do but do you know who has access to the safe besides yourself? I think not.
4) Have the front desk lock the machine in their safe. You are given an inventory sheet but their liability may still be less then the value of the machine.
5) Ideally, lock it in the trunk of your vehicle as this is probably the safest place for it to be.
6) Carry your PC in a piece of luggage and not in a PC carrying case which is a dead giveaway. There are backpacks made which can handle a laptop and you can fabricate something by just purchasing some protective foam to protect the machine from accidental damage.
7) Buy a cable lock for the machine. The problem with this is a good pair of bolt cutters can cut the lock in a second.
8) Buy a lock with an alarm. This is OK but in the case of the hotel theft it probably wouldn't have worked.
9) Register your machine with a company which can track the machine if it is stolen and possibly locate the thief. You can get further information about this off of the internet.
10) The best thing to do is have your data on a portable hard drive. You can then remove the hard drive and if the PC is stolen the only loss you suffer would be a hardware loss. You don't risk identity theft.
Each of the above offers some ideas on how to protect your computer from theft. Some of them will cost you a few dollars but those few dollars spent now will prevent a nightmare from happening if you have your identity stolen and are required to cancel credit cards, lost your good credit rating, etc.
In closing, use all the password protection you can on a machine. This will prevent a novice from breaking into your machine if it is stolen. Of course, you don't want this to ever happen again. Be diligent in protecting your laptop but be even more diligent in protecting your identity.
Submitted by tuvals
As a victim of identity theft, I can certain identify with this problem. I had a $2,000 notebook computer stolen with not only the contents of the hard drive, but with my data DVD's in the case containing everything about me, my financial records, etc.
Most thieves usually want to pawn the computer off to get money for their drugs or whatever else. This may not always be the case, but I had to believe it and since it happened to me six years ago I haven't had any identity theft problems since then.
There's probably not much you can do about what has happened, but you can prevent it from happening again. Use an external hard drive to backup your information at home (financial, letters, photos, etc.) and when you go on vacation, don't bring this external hard drive with you. If you need some or all of this data on your travels, put it on a CD/DVD and carry it with you (in your wife's purse if necessary, or just don't. You're on vacation. Leave the damn things at home!)
Save backups of all your data on CDs/DVDs at home prior to leaving. If someone steals your laptop/notebook computer at least you can restore the data prior to your vacation. While on vacation if you have compiled a lot of information, think about uploading files (FTP or otherwise) to a home site provided by your email provider (most provide space for a website, but this doesn't prohibit you from uploading files. I do it all the time. You might have to invest in an FTP program like WS_FTP or another.).
Don't do the stupid thing like I did and keep DVD copies of everything in the notebook bag especially anything with confidential information on it. My notebook computer was my secondary computer, but occasionally I would do field work and needed that information. I didn't know some thug (*#@*^%) was going to steal it, and neither did you.
If you had one of those key cards to get in your door, then whoever stole your computers must have been an employee--or they climbed up from the outside to your balcony (if you had one). I'm sure the hotel has a "cover your ass" policy that says they're not responsible for theft or anything else. If you didn't call the police then and also report it to the hotel management then you may not have much of a leg to stand on. A police report is better than an idle threat to the hotel. If you tell them you're going to put it on the news (everyone says that), they'll still ignore you until you do.
Upscale means nothing nowadays. There are still creeps and turds working in upscale hotels--they just have to lie a little more to get the job.
I hope you cancelled your bank cards, accounts, changed passwords, usernames, social security number, etc. If you can remember anything that was on your computer you must change passwords especially for any online accounts where these a-holes can do any damage. That's the first thing to do.
If you're like me you want to believe the hard drives were wiped out. But you still have to think they are using your information for all the wrong reasons and stop they're identity theft in its tracks by canceling all your credit cards, bank accounts, etc.
I wish you good luck. There are a lot of creeps out there who care about nothing but themselves. Death to identity thieves!
Submitted by whbos